PanicTunnl
  • Products
  • Docs
  • Pricing
  • Contact
Join Discord

./legal/privacy-policy

Privacy Policy

Last Updated: May 2026

We are developers (Pallav and Ariyan), and we built PanicTunnl to be completely zero-knowledge. We don't track you, profile you, or collect your files. This policy explains exactly what data passes through our servers and what is saved in our database. No corporate larping, just the code-level facts.

1. The Zero-Knowledge Privacy Guarantee

PanicTunnl is a pass-through proxy.

  • No File or Payload Logging: We do not inspect, log, analyze, intercept, or store any file contents, HTTP request headers, or database payloads passing through active tunnels.
  • Purely In-Memory Pipe: The data flows in real-time from the recipient's browser, through our edge server's memory, into the encrypted SSH tunnel, and onto your local disk. It is never written to temporary files or persistent logs on our servers.
  • No User Accounts: We do not require usernames, passwords, social logins, or profile creation to use the Service.

2. Information We Store on Disk (SQLite Database)

Our backend maintains a single SQLite database (skyport_keys.db) for key validation, order provisioning, and aggregate operational health. The database consists of the following tables and data points:

A. Paid Orders and Billing (orders table)

To manage active subscriptions, we store the minimal details needed to deliver and maintain your subscription:

  • Customer Email Address: The only direct personally identifiable information (PII) we collect. Used solely to email access keys and handle customer support.
  • Payment Identifiers: Transaction and payment IDs generated by our payment processor (DodoPayments).
  • Product SKU: Identifies the purchased plan (e.g., Base 30 days, Homelab 90 days, etc.).
  • Access Key: The cryptographic token provisioned for your subscription (e.g., sky_bs_...).
  • Transaction Metrics: Total amount in cents, currency (e.g., USD), payment timestamp, delivery status, and delivery email attempt logs.

B. Payment Webhooks (payment_events table)

  • Raw Webhook Payloads: We store the raw JSON payloads received from our payment processor (DodoPayments) to verify signature authenticity, prevent duplicate billing (idempotency deduping), and troubleshoot checkout errors.
  • PII Warning: While these payloads contain transactional details, transaction timestamps, and payment IDs, they never contain raw credit card numbers, CVV security codes, bank routing numbers, or account credentials. All payment details are held securely by our Merchant of Record.

C. Access Keys (keys table)

  • Subscription Keys: High-entropy, cryptographically secure random secret tokens representing active access privileges, along with their plan tier and expiration date (expires_at). These are simple API-key-style access tokens, not public/private asymmetric keys (like SSH Ed25519 keys).
  • Hashed Tunnel Passwords: If you configure a custom access password for a private tunnel, our backend immediately hashes it using bcrypt (with a slow-hashing salt factor in a background thread) before saving it. Plaintext passwords are never written to disk.

D. Persistent Tunnels (persistent_tunnels table)

  • Subdomain Reclaims: To allow paid users to keep the same URL upon reconnecting, we store a record of the active access key, the target service ID, the allocated subdomain (e.g., my-app-hl), and a cryptographically secure random session secret.

E. Tunnel Metadata Logs (audit_log table)

We maintain an operational log of tunnel sessions for network capacity planning, security audits, and key enforcement:

  • Subdomain: The URL allocated for the session (e.g., app-xyz12345.panictunnl.run).
  • Subscription Key: The key associated with the active session.
  • Service Code: Identifies the service type (generic tunnel vs specific tools).
  • Time Metrics: Timestamps of when the tunnel was opened (opened_at) and closed (closed_at).
  • Note: Old or orphan entries from a previous session are automatically closed and cleared during server startup (crash recovery).

F. Aggregated Metrics (hourly_stats table)

We keep hourly aggregate counts to monitor network load:

  • Cumulative number of active tunnels, total bytes transferred in (bytes_in), total bytes transferred out (bytes_out), and counts grouped by tier and service category.
  • Auto-Purge: All records in the hourly_stats table are automatically and permanently deleted from disk after 7 days.

3. Transient Data Processed in Memory (Not Persisted)

To defend our infrastructure and maintain high performance, some data is processed transiently in our server's random-access memory (RAM). This data is never written to persistent storage and is regularly cleared.

A. IP Addresses for Security and Firewalling (firewall.py)

To prevent Denial of Service (DoS) attacks and defend against brute-force intrusion, our backend monitors client IP addresses in RAM:

  • Connection Rate Limiter: Tracks incoming TCP connections per IP in a sliding 1-second window.
  • Request Rate Limiter: Limits the Requests Per Second (RPS) per IP using an in-memory token-bucket filter.
  • Auth Abuse Blocker: Tracks failed authentication attempts. IPs demonstrating suspicious behavior (such as 10 failed login attempts in 5 minutes) are flagged in an in-memory reputation table and blocked temporarily for 10 minutes.
  • In-Memory Pruning: A background cleanup loop runs every 60 seconds to prune and evict stale IP addresses and buckets from memory.

B. Standard Edge Logs (edge.py)

  • Access Logs: Like any web proxy, our edge server logs standard connection lines containing the client IP, HTTP method, target Host header, and Request Path (truncated to 200 characters to prevent log injection or URL payload leak). These logs are transient and used solely for real-time monitoring and routing metrics.

C. Replay-Attack Protection (skyauth.py)

  • One-Time JWT JTIs: To prevent authentication replay attacks, our single sign-on edge handler caches unique JWT identifiers (JTIs) in RAM. A background task purges and discards expired tokens from memory every 60 seconds.

D. Stealth Operator Dashboard (admin.py)

Our operational control panel is built from the ground up on the Zero-Knowledge Principle:

  • The dashboard is completely hidden (responding as a plain 404 page unless unlocked via an administrative key).
  • Operator Blind Spot: Even when logged in, system administrators cannot view client IP addresses, plaintext access keys, complete HTTP request paths, or client User-Agent strings. Operators only see aggregate counts, active subdomains, and bandwidth statistics.

4. Third-Party Data Processors

We partner with a minimal number of trusted subprocessors to handle payments and transactional emails:

  • DodoPayments (Merchant of Record): Acts as our payment gateway and checkout host. When you purchase a key, you are interacting with DodoPayments, who handles your name, billing address, tax details, and payment credentials according to their own privacy policies. They send us a success webhook containing only your email, payment ID, and the transaction amount.
  • Resend (Transactional Email API): We use Resend to deliver your purchased access key. Only your email address, purchase tier, duration, payment ID, and the cryptographic access key itself are sent to Resend's API.
  • Let's Encrypt (SSL Provider): Used to dynamically request and provision TLS certificates for wildcard domains to secure your tunnels. No customer data or PII is sent to Let's Encrypt.

5. Your Rights and Data Deletion

Because we collect the bare minimum amount of data to operate:

  • Email Access: We do not store password credentials or user profiles. If you need to recover a lost key, we can retrieve it by looking up paid transactions matching your customer email address.
  • Data Rectification/Deletion: If you want your email address and purchase history permanently deleted from our SQLite database, you can make a request by joining our Discord server and messaging the operators.
  • Please Note: Deleting your billing record and email from our database will make it impossible for us to recover your access key, verify your active subscription, or issue a refund if the key is lost.

6. Contact and Privacy Inquiries

If you have any questions about this Privacy Policy, our data practices, or our Zero-Knowledge architecture, please contact us directly:

  • Discord Community: https://discord.gg/dp98j9ejh9
PanicTunnl[ LIVE ]

Expose localhost to the internet in one command. E2E encrypted SSH tunnels, static IPs, no account needed.

// Navigation

  • [ PRODUCTS ]
  • [ DOCS ]
  • [ PRICING ]
  • [ CONTACT ]
  • [ TERMS ]
  • [ PRIVACY ]

// Operators

Pallav

Ariyan

© 2026 PanicTunnl•JAIPUR // 26.9124° N, 75.7873° E
SYSTEMS OPERATIONAL